AdaCore Merges with CodeSecure to Enhance Static Testing for C and C++ in Embedded Systems
AdaCore has announced its merger with CodeSecure, a company specializing in application security testing, with the aim of enhancing its static analysis tools for C and C++ programming languages. This strategic move is intended to fill a critical gap in AdaCore’s offerings and strengthen security processes within embedded systems.
According to Quentin Ochem, AdaCore’s Chief Product and Revenue Officer, the integration of CodeSecure’s capabilities will complement AdaCore’s existing knowledge in Ada and Rust programming languages. He emphasized the need for effective static analysis in safety-critical applications, a necessity that has become increasingly pronounced amid growing customer demand for comprehensive security verification.
CodeSecure, which was established in its current form in September 2023 following its separation from GrammaTech, and AdaCore share a common backer in Battery Ventures, a technology-focused investment firm. Battery Ventures acquired a majority stake in AdaCore in March 2024 for an estimated $100 million. Following the merger, AdaCore CEO Franco Gasperoni will lead the newly formed entity.
Integration of Resources and Expertise
AdaCore has traditionally concentrated on compilers and tools specific to the Ada programming language but has lacked a robust static analysis solution for widely utilized languages like C and C++. Ochem noted that this shortcoming led customers in sectors demanding high assurance to seek more comprehensive solutions.
The merger aims to forge a unified set of development tools that span the software lifecycle—from writing code to verifying its reliability. CodeSecure’s expertise in static analysis for C++ will enhance AdaCore’s portfolio, allowing for deeper analysis capabilities critical in safety-focused embedded systems.
Ochem added that one of the long-term goals is to create a cohesive technology portfolio that unifies user interfaces and standardizes formats for results through established industry benchmarks like SARIF. This will facilitate improved integration, boosting performance, accuracy, and usability across both Ada and C/C++ environments.
Importance of Language Flexibility in Embedded Systems
In industries where software failures can lead to devastating consequences, such as aviation and defense, the urgency of minimizing software defects is paramount. Static analysis tools play an essential role by uncovering vulnerabilities before execution, becoming an integral aspect of overall software verification strategies.
Real-world embedded systems commonly employ mixed-language codebases, necessitating broader language support. The merger positions AdaCore to provide consistent analysis results across these varied environments, enhancing user workflows significantly.
AdaCore combines static analysis with dynamic testing and formal proof techniques that mathematically verify the absence of critical bugs. Ochem mentioned that while static analysis and testing often receive concentrated attention, a comprehensive verification strategy incorporates a variety of methods to mitigate security risks effectively.
This merger not only solidifies AdaCore’s capabilities in embedded system development but also aligns with a broader industry trend towards comprehensive security verification to meet the stringent demands of modern software development. As businesses navigate this evolving landscape, the integration of static and dynamic analysis will be crucial in safeguarding software integrity.
